Palo Alto Networks
Palo Alto Networks is an enterprise security company offering an integrated platform which consists of three elements: its Next Generation Firewall, its Advanced Endpoint Protection, and its Threat Intelligence Cloud. A natively integrated platform brings network, cloud and endpoint security into a common architecture, with complete visibility and control, ensuring an organization can detect and prevent attacks.
The Next Generation Firewall delivers white-listing based, hardware accelerated application, user, and content visibility and control, as well as protection against network-based cyber threats integrated within the firewall through its hardware and software architecture.
Its Advanced Endpoint Protection prevents cyber-attacks that aim to exploit software vulnerabilities on a range of fixed and virtual endpoints and servers. The Threat Intelligence Cloud provides central intelligence capabilities, security for software as a service (SaaS) applications and automated delivery of preventative measures against cyber-attacks.
Palo Alto Network's Next Generation Firewall appliances incorporate its PAN-OS operating system. The PAN-OS operating system contains App-ID, User-ID, site-to-site virtual private networking (VPN), remote access SSL-VPN and Quality-of-Service (QoS). All appliances starting with the PA-200 up to the PA-7080 are being classified based on throughput.
Panorama is the centralized security management solution for global control of all appliances deployed on a network as a virtual appliance or a physical appliance. Panorama is used for centralized policy management, device management, software licensing and updates, centralized logging and reporting, and log storage. Panorama controls the security, network address translation (NAT), QoS, policy based forwarding, decryption, application override, captive portal, and distributed denial of service/denial of service (DDoS/DoS) protection aspects of the appliances and virtual systems under management. Panorama centrally manages device software and associated updates, including SSL-VPN clients, GlobalProtect clients, dynamic content updates, and software licenses. Panorama offers the ability to view logs and run reports from all managed appliances without the need to forward the logs and to report on aggregate user activity for all users, including mobile users.
Virtual system upgrades are available as extensions to the virtual system capacity that ships with the appliance. The virtual systems provides a virtualization solution to its enterprise and service provider end customers that implement data centers, private cloud, and public cloud security infrastructures and need to support a multi-tenant firewall environment.
Palo Alto Networks offer a number of subscription services as part of its platform, including Threat Prevention Subscription, URL Filtering Subscription, GlobalProtect Subscription, WildFire Subscription, Traps Subscription, AutoFocus Subscription and Aperture Subscription. The Threat Prevention Subscription service provides the intrusion detection and prevention capabilities of its platform. The Company's threat prevention engine blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources. It includes mechanisms, such as protocol decoder-based analysis, protocol anomaly based protection, stateful pattern matching, statistical anomaly detection, heuristic-based analysis, custom vulnerability, and spyware phone home signatures.
Learn more about the Next Generation Firewall
Application identification aka. App-ID is the application classification engine that uses multiple identification techniques to determine the exact identity of applications traversing the network. App-ID is the foundational classification engine that provides the core traffic classification to all other functions in the platform. App-ID uses a series of classification techniques to identify an application. When traffic first enters the network, App-ID applies an initial policy check based on Internet Protocol (IP) and port. App-ID classifies all network traffic, including business applications, consumer applications and network protocols, across all ports. User-ID integrates its platform with a range of enterprise user directories and technologies, including Active Directory, eDirectory, Open lightweight directory access protocol (LDAP), Citrix Terminal Server, Microsoft Exchange, Microsoft Terminal Server and ZENworks. A network-based, User-ID agent communicates with the domain controllers, directories, or supported enterprise applications, mapping information such as user, role and current IP address to the firewall, making the policy integration transparent.
Learn more about Application Identification
Application Layer content security aka. Content-ID combines a real-time threat prevention engine, a cloud-based analysis service and a comprehensive uniform resource locator (URL) categorization database to limit unauthorized data and file transfers, detect and block a wide range of threats and control non-work related web surfing. The threat prevention engine blocks several types of attacks, including vulnerability exploits, buffer overflows, and port scans from compromising and damaging enterprise information resources. It includes mechanisms, such as protocol decoder-based analysis, protocol anomaly based protection, stateful pattern matching, statistical anomaly detection, heuristic-based analysis, custom vulnerability, and spyware phone home signatures. SP3 is thesoftware and hardware architecture that consists of two elements: single-pass software and parallel processing hardware. Palo Alto Networks uses a unique, custom-developed single-pass software which achieves two key functions in its platform: it performs operations once per packet and the content scanning step is stream-based and uses uniform signature matching to detect and block threats.
A web and URL Filtering service provides URL categorization and detection capabilities on the Palo Alto Networks platform. The URL filtering database consists of URLs across many categories. It is designed to monitor and control employee web surfing activities and distinguish good from bad traffic leaving the network. GlobalProtect VPN is a service providing protection for mobile users of both, traditional laptop devices and mobile devices. The WildFire sandbox environment is a cloud-based or appliance-based service offering protection against targeted malware and advanced persistent threats.
Learn more about Content Identification and Security
Traps Subscription service provides protection for Windows-based fixed and virtual endpoints and servers. It protects against cyber-attacks that aim to exploit software vulnerabilities through its capability of stopping the underlying exploit techniques and can prevent cyber-attacks without relying on prior knowledge of the attack. AutoFocus Subscription and Aperture Subscription are cloud-based services. The Company offers standard support, premium support, and 4-hour premium support to its end customers and channel partners. The Professional services are primarily delivered through its authorized channel partners. These services include application traffic management, solution design and planning, configuration, and firewall migration.